Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          q8yyXzvroFJlHzKlm74UvojqWfuhV3AtoSIllWnTJYo=
Subject key identifier:   B5:EF:7F:6D:DF:52:39:7F:ED:F9:97:8B:3F:C4:04:70:73:A2:13:ED
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       01974AB1788FED2644AA2E36CDFC3D9E6012
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          038C
Signing time:             Sat 07 Jun 2025 14:00:34 +0000
Manifest this update:     Sat 07 Jun 2025 14:00:34 +0000
Manifest next update:     Sun 08 Jun 2025 14:00:34 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: vkthLw4XZwTvKUe0l+z+dDqtMcLth9F3RvNP41Rtp7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:b1:78:8f:ed:26:44:aa:2e:36:cd:fc:3d:9e:60:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Jun  7 14:00:34 2025 GMT
            Not After : Jun  8 14:00:34 2025 GMT
        Subject: CN=b5ef7f6ddf52397fedf9978b3fc4047073a213ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7d:46:bc:47:7b:30:fe:70:26:f4:4f:24:9a:
                    b2:15:9b:84:43:7b:d6:36:01:89:1b:5e:13:18:41:
                    0e:0b:eb:cd:18:04:fc:bf:c2:46:ef:99:be:b2:7b:
                    c1:56:cb:7f:3d:51:58:4a:32:80:29:c4:1b:4b:39:
                    a3:d3:6d:cd:27:f0:0f:76:9d:e0:44:f2:2d:3d:bd:
                    37:fe:ef:e6:19:7e:0c:cd:96:6e:60:c1:71:fe:d7:
                    c7:0c:88:a8:63:ca:56:7c:df:e9:f3:f9:af:cf:08:
                    37:28:dd:2b:ae:4a:24:00:fe:96:3c:df:2a:e7:91:
                    59:d9:d9:3f:4e:77:85:c6:5d:75:50:90:f5:97:55:
                    25:5b:0f:b2:48:d2:f4:ea:d4:bb:6c:3e:87:9e:04:
                    57:5b:f7:54:7b:42:81:e2:25:f2:8f:1e:60:7c:d1:
                    d1:61:76:81:5b:6e:3d:5d:e6:70:90:cb:cf:a7:34:
                    9f:ad:8f:dd:92:a6:68:48:5d:e2:ad:fe:af:4a:ed:
                    93:6d:4a:25:6d:85:e6:c8:37:02:fe:32:83:0e:72:
                    95:1d:f0:cb:ce:b9:02:b9:3f:a7:bf:2f:d4:b4:c2:
                    1c:ca:22:01:5b:7f:f8:05:55:a9:70:b0:bf:e8:00:
                    d6:ea:7b:09:da:1b:7d:4c:90:82:82:90:49:91:c7:
                    3c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:EF:7F:6D:DF:52:39:7F:ED:F9:97:8B:3F:C4:04:70:73:A2:13:ED
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:fb:f2:a0:7f:2c:aa:f5:5f:fb:c7:6f:ca:4f:d0:9a:ac:dc:
         d9:54:33:4c:8e:07:d5:6f:57:d6:c8:7d:ea:1a:7b:52:a8:1b:
         3d:cd:ed:f0:08:4f:22:dd:0d:bd:a1:1e:02:1b:51:52:2c:af:
         ea:5d:76:5e:23:af:47:7d:a8:98:54:97:d2:8e:45:c2:e6:04:
         fd:34:a7:b2:d0:78:b4:06:55:90:64:ea:bd:9e:05:3d:75:24:
         86:3e:d6:8b:c4:4a:6c:76:49:65:df:ce:52:44:82:09:85:11:
         d1:ee:2e:fa:55:13:31:1c:c9:04:5b:5b:d8:cf:6a:88:73:0d:
         0b:fa:83:b4:7a:eb:6b:60:8a:46:70:e3:3b:44:14:9f:e7:7e:
         12:80:ea:79:4d:a6:62:41:d8:d7:dd:22:f3:b9:54:ac:db:1e:
         9e:45:e2:ad:05:95:b1:49:05:38:75:b9:29:b5:6e:46:c1:1a:
         82:a8:c4:97:36:9f:52:3c:e9:71:f6:e2:20:83:9c:a7:d3:36:
         b2:62:ad:fa:13:b3:26:e8:4a:fc:46:92:40:80:97:2f:03:bb:
         6a:05:4f:de:04:93:37:b8:f0:a4:22:67:9b:2c:d8:60:50:a7:
         c1:b8:71:13:0d:87:58:10:6f:6d:2b:42:03:f9:e0:37:a1:65:
         32:25:f4:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKsXiP7SZEqi42zfw9nmASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUwNjA3MTQwMDM0WhcNMjUwNjA4MTQwMDM0WjAzMTEwLwYDVQQD
EyhiNWVmN2Y2ZGRmNTIzOTdmZWRmOTk3OGIzZmM0MDQ3MDczYTIxM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H1GvEd7MP5wJvRPJJqyFZuEQ3vW
NgGJG14TGEEOC+vNGAT8v8JG75m+snvBVst/PVFYSjKAKcQbSzmj023NJ/APdp3g
RPItPb03/u/mGX4MzZZuYMFx/tfHDIioY8pWfN/p8/mvzwg3KN0rrkokAP6WPN8q
55FZ2dk/TneFxl11UJD1l1UlWw+ySNL06tS7bD6HngRXW/dUe0KB4iXyjx5gfNHR
YXaBW249XeZwkMvPpzSfrY/dkqZoSF3irf6vSu2TbUolbYXmyDcC/jKDDnKVHfDL
zrkCuT+nvy/UtMIcyiIBW3/4BVWpcLC/6ADW6nsJ2ht9TJCCgpBJkcc8jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLXvf23fUjl/7fmXiz/EBHBzohPtMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApPvyoH8s
qvVf+8dvyk/Qmqzc2VQzTI4H1W9X1sh96hp7UqgbPc3t8AhPIt0NvaEeAhtRUiyv
6l12XiOvR32omFSX0o5FwuYE/TSnstB4tAZVkGTqvZ4FPXUkhj7Wi8RKbHZJZd/O
UkSCCYUR0e4u+lUTMRzJBFtb2M9qiHMNC/qDtHrra2CKRnDjO0QUn+d+EoDqeU2m
YkHY190i87lUrNsenkXirQWVsUkFOHW5KbVuRsEagqjElzafUjzpcfbiIIOcp9M2
smKt+hOzJuhK/EaSQICXLwO7agVP3gSTN7jwpCJnmyzYYFCnwbhxEw2HWBBvbStC
A/ngN6FlMiX0hg==
-----END CERTIFICATE-----